search

aws-ia / terraform-aws-control_tower_account_factory

AWS Control Tower Account Factory
Apache License 2.0
630 stars 418 forks source link

aft-account-request-action-trigger lambda times out when querying service catalogue for items #494

Open Duanne-IAG opened 2 weeks ago

Duanne-IAG commented 2 weeks ago

AFT Version:

1.12.2 Terraform Version & Provider Versions

terraform version

1.7.2 terraform providers

hashicorp/aws v5.64.0

Bug Description When vending new accounts in aft, process fails before getting to the 'create pipeline' codebuild job. The 'aft-account-request-action-trigger' lambda function times out when attempting to retrieve 'healthy products'.

To Reproduce Steps to reproduce the behavior: Push new terraform file in account-request-repo to create new account.

Expected behavior Lambda function completes step with similar response to { "time_stamp": "2024-09-10 17:05:19,843", "module": "service_catalog", "log_level": "INFO", "log_message": "Did not find account with matching email in healthy status in Account Factory" }

Related Logs

Capture

Additional context Large AWS organization with over 600 accounts in AFT, over 1100 accounts in service catalogue. Perhaps we can make the memory size and timeout paremeterized?

JakeHendy commented 2 weeks ago

For context, we have 617 accounts managed by AFT and 1140 managed by Control Tower/Service Catalogue. Those outside of AFT are being brought in to Control Tower + Service Catalogue, as well as fresh account vends.